CVE-2022-37032

Published: 19 September 2022

An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c.

Priority

Medium

CVSS 3 base score: 9.1

Status

Package: frr (Launchpad, Ubuntu, Debian)

Release     Status
bionic      Does not exist
focal       Needed
jammy       Released (8.1-1ubuntu1.2)
kinetic     Released (8.1-1ubuntu3)
trusty      Ignored (out of standard support)
upstream    Needs triage
xenial      Ignored (out of standard support)

Patches:
upstream: https://github.com/FRRouting/frr/commit/ff6db1027f8f36df657ff2e5ea167773752537ed